Control of access to content has become a vital aspect of many business models in the digital television broadcasting industry. Various conditional access (CA) systems are or have been used in the industry to control, or limit, access to digital television services such as, for example, pay-per-view programming services, premium channel (e.g., HBO) programming services, and video-on-demand programming services. CA systems prevent subscribers from accessing services unless certain conditions are met (e.g., the subscriber has entered into an agreement to pay for a service).
CA systems encrypt digital content streams so that the streams can only be accessed by equipment at the subscriber's premises that has the proper hardware and/or software configuration for decrypting the digital content stream. Therefore, the CA system can be viewed as having a first portion external to the subscriber premises somewhere in the network that encrypts the digital content stream, and a second portion located at the subscriber's premises, which decrypts the digital content stream to enable the subscriber to acquire the service. The second portion is typically located in a STB at the subscriber's premises, but may also be incorporated into a Cablecard or Smartcard that interfaces with a digital cable-ready television or other device.
In the United States, the first and second portions of a particular CA system have traditionally been specific to a particular manufacturer. The digital content stream is encrypted in accordance with a particular manufacturer's CA system encrypting scheme, and that encryption scheme is proprietary and not available to the public. Therefore, the decrypting hardware and/or software configuration in the STB needs to be specifically designed or configured to decrypt the digital content stream. Consequently, if a particular manufacturer's CA system is used at the headend, the STB is typically provided by the same manufacturer. In Europe, a single encryption scheme called the Common Scrambling Algorithm (CSA) is used to encrypt the content stream. The CSA technology is available for license by manufacturers of subscriber premises equipment.
Recently, downloadable CA systems (DCASs) have been proposed that will enable STBs to be used with different CA systems, provided the STBs employ standard DCAS capability. DCAS technology eliminates the need to implement a particular CA-system specific hardware architecture in the STB or in a cable card at the subscriber's premises in order to decrypt the encrypted content stream. Instead, a CA system software module is securely downloaded from the network to the subscriber's STB. The downloaded software module is executed by a programmable secure processor within the STB to enable the STB to decrypt the digital content stream to enable the user to access the content.
FIG. 1 illustrates a block diagram of a proposed DCAS configuration intended to be employed in a STB 11. A host processor 12 of the STB 11 is programmed to execute a DCAS kernel that is specific to the particular CA system to be used. The STB 11 sends a request to download a DCAS software module to a downloading facility 14, which is typically operated by the network operator that services the subscriber's premises. The DCAS software module transmitted in response to the request is downloaded to the STB 11. The downloaded DCAS software suite is made up of separate modules that are executed by a secure processor 13 and the host processor 12.
The CA system software module executed by the host processor 12 controls sending and receiving of messages and commands to and from the secure processor 13 and to and from a transport processor 15. The CA system software module executed by the secure processor 13 responds to messages from the host processor 12. Commands received by the transport processor 15 from the host processor 12 are performed by the transport processor 15 to cause the transport processor 15 to configure itself to look for particular Entitlement Control Messages (ECMs) and Entitlement Management Messages (EMMs) that are transported either as part of the encrypted content stream, or in logically-related data streams. The ECM contains access criteria and a CAS-encrypted content decryption key called a control word (CW). The EMM is an encrypted message that contains private conditional access information about the authority a subscriber has to acquire content.
When the transport processor 15 locates the EMM and ECM, it forwards these messages to the host processor 12. The host processor 12 forwards the ECM and EMM to the secure processor 13, which is executing the downloaded CA system software module. The secure processor 13 checks the EMM to determine whether the subscriber is authorized to access the content. If so, the secure processor 13 decrypts the ECM and obtains the CW, which is then sent to the host processor 12. The host processor 12 sends the CW to the transport processor 15, which uses it to decrypt the content stream. If the EMM does not indicate that the subscriber has authorization to access the content, the encrypted content stream will not be decrypted.
One of the disadvantages of the DCAS technology described above is that the host processor 12 must be configured to execute some portion of the DCAS kernel. Different STBs use different types of host processors. Therefore, a DCAS kernel designer is faced with potentially having to design a different DCAS kernel for each different type of host processor, which increases the amount of work and the costs associated with implementing a given DCAS. Another disadvantage of the DCAS technology described above is that it allows CA system-specific code to reside in the unsecure host processor 12. This increases the observability of certain aspects of the CA system, and could potentially lead to the disclosure of security vulnerabilities that may be exploited by individuals who are attempting to break the CA system to gain unauthorized access. Another disadvantage of the DCAS technology described above is that because specific code must reside on the host processor, the code cannot be written only once, but must be ported for each instance of the host processor and operating system that will be encountered in the field.
In addition, the control word (CW) is transmitted from the secure processor 13 to the unsecure host processor 12 and then to the transport processor 15. While in most instances the control word is transmitted in an encrypted form, the control word is still accessible in this state to pirates and hackers. Thus, it is possible that one could obtain the CW and potentially decrypt it and obtain the content inappropriately.
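The ECM/EMM flow described above, and the point at which the CW crosses the unsecure host, can be traced with a small model. This is an added example, not code from the original document; the message fields, keys, service names and the SHA-256/XOR cipher are constructed stand-ins for the proprietary CA scheme, and the CW is relayed as-is rather than wrapped for the host hop.

```python
import hashlib
from dataclasses import dataclass, field

CAS_KEY = b"constructed-cas-key"            # constructed; known to headend and secure processor
CW = b"\x01\x23\x45\x67\x89\xab\xcd\xef"    # constructed control word
CONTENT = b"constructed video payload"      # constructed content sample

def toy_crypt(key: bytes, data: bytes) -> bytes:
    # XOR with a SHA-256-derived keystream: a stand-in cipher, symmetric by construction.
    stream = hashlib.sha256(key).digest()
    return bytes(b ^ stream[i % len(stream)] for i, b in enumerate(data))

@dataclass
class SecureProcessor:
    cas_key: bytes
    def handle(self, ecm: dict, emm: dict):
        # Check the EMM entitlements first; only then decrypt the ECM to recover the CW.
        entitled = toy_crypt(self.cas_key, emm["payload"]).decode().split(",")
        if ecm["service"] not in entitled:
            return None
        return toy_crypt(self.cas_key, ecm["enc_cw"])

@dataclass
class HostProcessor:
    secure: SecureProcessor
    seen: list = field(default_factory=list)   # everything observable on the unsecure host
    def relay(self, ecm: dict, emm: dict):
        cw = self.secure.handle(ecm, emm)
        self.seen.append(cw)                   # the CW transits host memory on its way back
        return cw

@dataclass
class TransportProcessor:
    host: HostProcessor
    def descramble(self, ecm: dict, emm: dict, scrambled: bytes):
        cw = self.host.relay(ecm, emm)         # located ECM/EMM are forwarded to the host
        return None if cw is None else toy_crypt(cw, scrambled)

def run_flow(entitlements: str):
    emm = {"payload": toy_crypt(CAS_KEY, entitlements.encode())}
    ecm = {"service": "hbo", "enc_cw": toy_crypt(CAS_KEY, CW)}
    host = HostProcessor(SecureProcessor(CAS_KEY))
    clear = TransportProcessor(host).descramble(ecm, emm, toy_crypt(CW, CONTENT))
    return clear, host.seen
```

For an entitled subscriber the returned host trace contains the CW itself, which is the exposure the preceding paragraph describes; for an unentitled subscriber no CW ever leaves the secure processor.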
Accordingly, a need exists for a downloadable CA system that does not require that the host processor execute CA system-specific code or functionality and that is not vulnerable to security risks.